playwright-local

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] BENIGN with SUSPICIOUS potential: The skill/documentation is coherent for local Playwright automation and session management, but the extensive anti-detection/stealth guidance and emphasis on bypassing bot defenses elevate risk. It could enable scraping of protected sites or circumvent protections, which may breach terms of service. Given the dual-use nature, treat as suspicious overall: capable of legitimate automation but with clear patterns to evade detection and persist sessions, which could be misused. LLM verification: The skill fragment is largely coherent with a local Playwright-based automation tool that includes stealth capabilities. While core functionality (browser automation, page scraping) is legitimate, the stealth guidance, unpinned dependencies, and mentions of external scripts raise supply-chain and misuse risks. To reduce risk, enforce strict dependency pinning, scope stealth capabilities to approved testing contexts, limit network access to official endpoints, and implement robust auditing and ac